It is not a vulnerability, but most security types would rather see it disabled. If you have access to the configurations files for the web server, you can change it yourself. Otherwise you have to contact the web provider and ask them to disable it. Disable tls 1.1 also.